cmd/dex: adding reflection to grpc api, enabled through configuration

Documentation/api.md

@@ -12,11 +12,13 @@ Admins that wish to expose the gRPC service must add the following entry to the
 grpc:
   # Cannot be the same address as an HTTP(S) service.
   addr: 127.0.0.1:5557
-  # Server certs. If TLS credentials aren't provided dex will generate self-signed ones.
+  # Server certs. If TLS credentials aren't provided dex will run in plaintext (HTTP) mode.
   tlsCert: /etc/dex/grpc.crt
   tlsKey: /etc/dex/grpc.key
   # Client auth CA.
   tlsClientCA: /etc/dex/client.crt
+  # enable reflection
+  reflection: true
 ```
 
 ## Generating clients

cmd/dex/config.go

@@ -150,6 +150,7 @@ type GRPC struct {
 	TLSCert     string `json:"tlsCert"`
 	TLSKey      string `json:"tlsKey"`
 	TLSClientCA string `json:"tlsClientCA"`
+	Reflection  bool   `json:"reflection"`
 }
 
 // Storage holds app's storage configuration.

cmd/dex/serve.go

@@ -21,6 +21,7 @@ import (
 	"github.com/spf13/cobra"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
+	"google.golang.org/grpc/reflection"
 
 	"github.com/dexidp/dex/api"
 	"github.com/dexidp/dex/pkg/log"
@@ -282,6 +283,10 @@ func serve(cmd *cobra.Command, args []string) error {
 				s := grpc.NewServer(grpcOptions...)
 				api.RegisterDexServer(s, server.NewAPI(serverConfig.Storage, logger))
 				grpcMetrics.InitializeMetrics(s)
+				if c.GRPC.Reflection {
+					logger.Info("enabling reflection in grpc service")
+					reflection.Register(s)
+				}
 				err = s.Serve(list)
 				return fmt.Errorf("listening on %s failed: %v", c.GRPC.Addr, err)
 			}()